TTC | W-SYNC API authenticates your requests to ensure that they really come from you.All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail with the relevant error being returned to you.You need to provide one of three types of key, depending on who you are and what API you call.API Keys in Playground and Production are different and CANNOT be used interchangeably. Please make sure that you use the correct one for the correct environment.
Public key#
Public key is used when you make a request from the server side.Authentication to the API is performed via HTTP Basic Auth , using your Public key as the username and your Public key as the password.Your Public key can be self-managed through your account in TTC | W-SYNC under the Developers sectionSecret key#
Use the secret key for requests initiated on your server relating to your account. The secret key must not be shared, and we highly recommend encrypting the key on your server for maximum protection.If you believe your secret key has been compromised, log in to your TTC | W-SYNC account, generate a new key using the Roll key button, and make sure your integration is updated accordingly.Please DO NOT share your Secret key keys in any publicly accessible places such as GitHub, GitLab, BitBucket, on your client-side code, and so on.
Basic Auth#
In basic HTTP authentication, a request contains a header field in the form of Authorization: Basic <credentials>, where is the Base64 encoding of ID and password joined by a single colon :. 
